5 novas vulnerabilidades expõem o 'backbone' de uma rede corporativa ao roubo de dados

5 novas vulnerabilidades expõem o 'backbone' de uma rede corporativa ao roubo de dados: A protocol that underpins widely used equipment made by telecommunications giant Cisco is vulnerable to multiple data-stealing attacks, researchers warned Wednesday. The five previously unreported vulnerabilities in implementations of the Cisco protocol — found by Armis Security, a California-based company — show the enduring challenge of keeping one insecure device from being a gateway to another for a hacker. The zero-day bugs affect the many voice-over-IP phones, routers, and switches at corporations around the world that use the protocol for communications. A hacker with enough skill and motivation to exploit the vulnerabilities could gain access to a company’s network and then, for example, take over the VOIP phones on the network to steal data or eavesdrop on calls. The routers and switches that are susceptible to the vulnerabilities form “the backbone of [an enterprise] network,” said Ben Seri, Armis’s vice president of research, who wrote a proof-of-concept for an attack on …

explicita